实施思科安全访问解决方案考试要点
实施思科安全访问解决方案(SISAS)主要检验考生作为网络安全工程师是否能够使用802.1X和TrustSec来掌握安全访问的组件和架构。下面是小编整理的考试要点:
该考试涵盖思科身份服务引擎(ISE)架构、整体网络威胁缓解的`解决方案和组件以及终点控制解决方案。同时考试考察使用ISE的posture和profiling 服务来掌握基础BYOD概念。
Exam Description:
The first paragraph is the exam description that is followed by a second paragraph with standard copy that appears on all exam topics.
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
1.0 Identity Management/Secure Access
1.1 Implement Device Administration
1.1.a Compare and select AAA options
1.1.b TACACS+
1.1.c RADIUS
1.1.d Describe Native AD and LDAP
1.2 Describe Identity Management
1.2.a Describe Features and functionality of Authentication and authorization
1.2.b Describe identity store options (i.e., LDAP, AD, PKI, OTP, Smart Card, local)
1.2.c Implement accounting
1.3 Implement Wired/Wireless 802.1x
1.3.a Describe RADIUS Flows
1.3.b AV Pairs
1.3.c EAP types
1.3.d Describe Supplicant, Authenticator, Server
1.3.e Supplicant options
1.3.f 802.1X phasing (monitor mode, low impact, closed mode)
1.3.g AAA server
1.3.h Network access devices
1.4 Implement MAB
1.5 Implement Network Authorization Enforcement
1.5.a dACL
1.5.b Dynamic VLAN Assignment
1.5.c Describe SGA
1.5.d Named ACL
1.5.e CoA
2.0 Threat Defense
2.1 Implement Firewall
2.1.a Describe SGA ACLs
3.0 Identity Management/Secure Access
3.1 Implement Central Web Auth
3.2 Implement Profiling
3.3 Implement Guest Services
3.4 Implement Posturing
3.5 Implement BYOD
3.5.a Describe elements of a BYOD policy
3.5.b Device registration
3.5.c My devices portal
3.5.d Describe supplicant provisioning
4.0 Troubleshooting, Monitoring and Reporting Tools
4.1 Troubleshoot Identity Management Solutions
5.0 Threat Defense Architectures
5.1 Design Secure wireless solution
6.0 Identity Management Architectures
6.1 Design AAA security solution
6.2 Design Profiling security solution
6.3 Design Posturing security solution
6.4 Design BYOD security solution
6.5 Design Device admin security solution
6.6 Design Guest services security solution
-
2017思科认证考试等级划分
思科认证网络支持工程师认证证书说明了你拥有足够的网络知识去提供服务给中小型企业。下面是小编整理的关于思科认证考试等级划分,欢迎大家参考!思科认证考试等级一般性认证和专业认证思科供给了三个一般性认证品级,它们所代表的专业水平逐级上升:工程师、资深工...
-
思科认证辅导:三种网络交换技术全面对比
网络交换技术还是比较常用的,于是我研究了一下三种网络交换技术全面对比,在这里拿出来和大家分享一下,希望对大家有用。网络交换技术允许共享型和专用型的局域网段进行带宽调整,以减轻局域网之间信息流通出现的瓶颈问题。现在已有以太网、快速以太网、FDDI和ATM技...
-
WIFUND实施思科无线网络基础考试要点
200-355WIFUND实施思科无线网络基础考试时间为90分钟,涵盖与CCNA无线认证相关的60-70道考题。200-355WIFUND考试检验考生RadioFrequency(PF)及802.11等知识点,同时检测考生是否具备安装,配置,监控及基础故障排除小型企业的无线网络的'能力。下面的信息提供了实施...
-
思科认证网络工程师CCNA安全认证考试大纲
CCNA安全认证可满足那些负责网络安全的IT专业人员的'需求。它表示通过认证的专业人士拥有相应的专业技能,能够胜任网络安全专家、网络安全管理员和网络安全支持工程师等职位。该认证所验证的技能包括:在保持数据和设备的完整性、保密性和可用性的条件下安装、故...